From 9524fabb8586b180e9d9595d902cd3810e67401c Mon Sep 17 00:00:00 2001 From: Grimmauld Date: Tue, 2 Jul 2024 20:04:55 +0200 Subject: [PATCH] fix openssh --- common/tooling/security.nix | 1 + modules/default.nix | 3 ++- modules/factorio.nix | 27 +++++++++++++++++++++++++++ nix/sources.json | 30 +++++++++++++++--------------- 4 files changed, 45 insertions(+), 16 deletions(-) create mode 100644 modules/factorio.nix diff --git a/common/tooling/security.nix b/common/tooling/security.nix index ae9845f..49c9928 100644 --- a/common/tooling/security.nix +++ b/common/tooling/security.nix @@ -59,6 +59,7 @@ in ++ optional graphical pkgs.lxqt.lxqt-policykit; services.passSecretService.enable = mkIf (tooling.enable && tooling.pass) true; + services.openssh.settings.LoginGraceTime = 0; programs.gnupg.agent = { settings = { # default-cache-ttl = 6000; diff --git a/modules/default.nix b/modules/default.nix index e707c43..ff445b3 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -10,7 +10,7 @@ in ./gitea.nix ./grafana.nix ./nextcloud.nix - ./prometheus.nix + # ./prometheus.nix # ./mjolnir.nix ./fail2ban.nix ./email.nix @@ -19,6 +19,7 @@ in ./nix_cache.nix ./auth.nix ./hedgedoc.nix + ./factorio.nix ]; options.serverConfig = diff --git a/modules/factorio.nix b/modules/factorio.nix new file mode 100644 index 0000000..0ca69c8 --- /dev/null +++ b/modules/factorio.nix @@ -0,0 +1,27 @@ +{ pkgs, config, lib, ...}: { + + networking.firewall.allowedTCPPorts = [ + 34197 + ]; + + networking.firewall.allowedUDPPorts = [ + 34197 + ]; + + + systemd.services.clusterio-trangar = { + description = "clusterio pulling its config from trang.ar"; + after = [ "network-online.target" ]; + wants = [ "network-online.target" ]; + serviceConfig.Type = "simple"; + # serviceConfig.PassEnvironment = "NIX_PATH"; + #serviceConfig.User = "grimmauld"; + #serviceConfig.Group = "users"; + serviceConfig.WorkingDirectory = "/home/grimmauld/clusterio"; + script = '' + ${lib.getExe' config.nix.package "nix-shell"} -I nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos /home/grimmauld/clusterio/shell.nix + ''; + wantedBy = ["multi-user.target"]; # starts after login + enable = true; + }; +} diff --git a/nix/sources.json b/nix/sources.json index 1d7f324..62d0dd0 100644 --- a/nix/sources.json +++ b/nix/sources.json @@ -5,10 +5,10 @@ "homepage": "https://matrix.to/#/#agenix:nixos.org", "owner": "ryantm", "repo": "agenix", - "rev": "c2fc0762bbe8feb06a2e59a364fa81b3a57671c9", - "sha256": "1lpkwinlax40b7xgzspbkm9rsi4a1x48hxhixnni4irxxwnav0ah", + "rev": "3a56735779db467538fb2e577eda28a9daacaca6", + "sha256": "1h66zapc6im07k3kcgvhy3lhzahb70vd6m2ijhz4i0v6mn5l3fk9", "type": "tarball", - "url": "https://github.com/ryantm/agenix/archive/c2fc0762bbe8feb06a2e59a364fa81b3a57671c9.tar.gz", + "url": "https://github.com/ryantm/agenix/archive/3a56735779db467538fb2e577eda28a9daacaca6.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, "authentik-nix": { @@ -17,10 +17,10 @@ "homepage": "", "owner": "nix-community", "repo": "authentik-nix", - "rev": "1942bdac27c337559ca16ddb7fca5c9ffb686e5b", - "sha256": "15xrzv6i0wkj3qrxpscgnq2kgc6xbjp26lhhlmvjgiv4bqm2q1dv", + "rev": "bb756751b02b3138a2cba58064a28ddc6f2648df", + "sha256": "118jnqj0pxvwx7kaz6im9g4ys8sgm1xslz4figqq4nq417vjh86p", "type": "tarball", - "url": "https://github.com/nix-community/authentik-nix/archive/1942bdac27c337559ca16ddb7fca5c9ffb686e5b.tar.gz", + "url": "https://github.com/nix-community/authentik-nix/archive/bb756751b02b3138a2cba58064a28ddc6f2648df.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, "chaotic": { @@ -29,10 +29,10 @@ "homepage": "https://nyx.chaotic.cx", "owner": "chaotic-cx", "repo": "nyx", - "rev": "798d56d819cd7d46ba9202afe81040887ac868ef", - "sha256": "1b1nish8zhc6mxp07rw874sqsf8212gg4srwyknd7fidn9gsk5jr", + "rev": "0e99464b8956307678b60ec7540e6cad730ee825", + "sha256": "1ksi4pssnxaa1pmxdk25gpbciaffjr5py3hdw0ifr0zcs8z22hyy", "type": "tarball", - "url": "https://github.com/chaotic-cx/nyx/archive/798d56d819cd7d46ba9202afe81040887ac868ef.tar.gz", + "url": "https://github.com/chaotic-cx/nyx/archive/0e99464b8956307678b60ec7540e6cad730ee825.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, "glibc-eac": { @@ -50,19 +50,19 @@ "lix-module": { "branch": "main", "repo": "https://git.lix.systems/lix-project/nixos-module.git", - "rev": "4e25f1ab68f2270f9cff59216056c21073db0164", + "rev": "5d9d94089fb1ca96222a34bfe245ef5c5ebefd37", "type": "git" }, "lix-pkg": { "branch": "main", "repo": "https://git.lix.systems/lix-project/lix.git", - "rev": "8a3d063a494c4b8c767190a5ce3e4075a75f9d07", + "rev": "865a3732faca16a79bf24982011adf100de04463", "type": "git" }, "nixos-mailserver": { "branch": "master", "repo": "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver.git", - "rev": "29916981e7b3b5782dc5085ad18490113f8ff63b", + "rev": "290a995de5c3d3f08468fa548f0d55ab2efc7b6b", "type": "git" }, "nixos-matrix-modules": { @@ -83,10 +83,10 @@ "homepage": null, "owner": "NixOS", "repo": "nixpkgs", - "rev": "57d6973abba7ea108bac64ae7629e7431e0199b6", - "sha256": "1sx6ijjj0cic06khxb13iaihqadwm8drixy9rw32xapdvj6x92pm", + "rev": "2741b4b489b55df32afac57bc4bfd220e8bf617e", + "sha256": "19z8yxgjm9jx7dls8942k6d8vp4dgh52azj1d6jgsy1vb27rw56k", "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/57d6973abba7ea108bac64ae7629e7431e0199b6.tar.gz", + "url": "https://github.com/NixOS/nixpkgs/archive/2741b4b489b55df32afac57bc4bfd220e8bf617e.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, "ranger_udisk_menu": {